zec
/
zips
mirror of https://github.com/zcash/zips.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Specify the range of j when generating diversifiers. 

Signed-off-by: Daira Hopwood <daira@jacaranda.org>
This commit is contained in:
Daira Hopwood 2018-07-05 13:57:44 +01:00
parent b3c051eb4f
commit 6f85acb9b1
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
zip-0032.rst
View File

@ -199,7 +199,7 @@ The 88-bit diversifiers for a Sapling extended key are derived from its diversif
In order to reach the maximum possible diversifier range without running into the birthday bound, we use In order to reach the maximum possible diversifier range without running into the birthday bound, we use
FF1-AES256 as a Pseudo-Random Permutation as follows: FF1-AES256 as a Pseudo-Random Permutation as follows:
- Let *j* be the index of the desired diversifier. - Let *j* be the index of the desired diversifier, in the range 0 .. 2\ :sup:`88`\ -1.
- *d*\ :sub:`i,j` = FF1-AES256.Encrypt(*dk*\ :sub:`i`\ , "", I2LEBSP\ :sub:`88`\ (*j*)) - *d*\ :sub:`i,j` = FF1-AES256.Encrypt(*dk*\ :sub:`i`\ , "", I2LEBSP\ :sub:`88`\ (*j*))
The default diversifier for a Sapling extended key is defined to be *d*\ :sub:`i,0`\ . The default diversifier for a Sapling extended key is defined to be *d*\ :sub:`i,0`\ .